CAPEC-186
Malicious Software Update
Description
An adversary uses deceptive methods to cause a user or an automated process to download and install dangerous code believed to be a valid update that originates from an adversary controlled source.
Mitigations
Validate software updates before installing.
Skills Required
[High] This attack requires advanced cyber capabilities